Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [mosquitto-dev] using ACLs and TLS.
  • From: Mikkel Kirkgaard Nielsen <miki@xxxxxxxxx>
  • Date: Thu, 3 May 2018 21:18:17 +0200
  • Autocrypt: addr=miki@xxxxxxxxx; prefer-encrypt=mutual; keydata= xsBNBFMd83ABCADxxYghzMWmQsNfoyLaz0gKHiuj+ShYpE4CPtHt7SUZMQrLPwHGRq/fXksS u17Kg7PtQLkxRKOKhd9/UgtIuQbCoWwByPok78DgWglJh0KzxK7iSoUCEXlSf/kzaLNXiTZh UdCl0WMzkleRmAG/cpN91WpHPSOacQLlqUUF09T60R2BpPSLSkQDwvj48HU0t2LnoIMsqOnj CVg1Jtp2R7cxFuz1c4OEscKPMIEI4Xg6UWBfpF+dG6IFFZNZTTa0tFFkcOd3WoMfLUD92Crt gz5XOxNkWONps6eo51GN4H6UEff5Vi3Ym7CslW6PAW7eruPCL7JljPUbgfQXH1i2Mr7nABEB AAHNKk1pa2tlbCBLaXJrZ2FhcmQgTmllbHNlbiA8bWlraW5pQGZzZmUub3JnPsLAdwQTAQgA IQUCWnMkqgIbAwULCQgHAgYVCAkKCwIEFgIDAQIeAQIXgAAKCRCdpbhVs2k0mpwyB/9Gozy0 00cpDTglN6/rrWyhDstsgyFcio03NG98nRN9rcMI5jQi+MXJAc7E+m4ndaeTMkkjloWqEv+g m4i/AabeViY8KPJmV2fkFEweXyOKeKG7s32j0lv14N0xE4egcIjtC81BNx3QRyZN2C7kv5sh L9joLcjA3RTQdIHq9HBmVoUcZZUQMtXA+aBtsb/cSmvkD4nWTqyY+8WmlT0JGHCpfifgAmKz ipBqFqWUFx4atwqEAHUHU4oWhwtlkYg4GkrhiClC0AD47YbjPGCx1tP3rwZfSRizfM9Uytkf Wi4UO5QT/PEwqHfG+8QveKnLmAlt3UH+dgjW9u2igqmAfCybzsBNBFMd83ABCADD9Xb47F3V 67iY9mMZRA3RYcswm5EZhj7LgEqu3iZcr5gkuq/+dYxf16HBTTAVpBECjVLP317BTZC5HC8h 5P5VHrA0ln6ItNNL0cJltDGsxQU+dYFh84WYaeMWh8ymr1dy/urNb7k5EqUM2B3pLGxW1KDN R/Y5vOfwjpVCSZgYnCrtu8i4tge2T9xLhMeQo+KTCRECPgZkh3YfJWfmWDp/A5kIetMmYsTE y60Zk338LnQLKdmxeEDFz2sICxRoZtJ1CN1U9qrTnXEcUU/OBjY72G4xh8RH/w5ToYoXE6rZ DR3RiDbD5xwVhYPjt7Zt3tmfMAkBZQDXx/PS1onzRVHjABEBAAHCwF8EGAECAAkFAlMd83AC GwwACgkQnaW4VbNpNJoZowf/e3hYARIpLmy2xcs7gU8rvoX7Mvf4bakt8s8u4lQ2q6KonEWO WMIENG6TaeRyjInzolAzTe5DPEIMWD8toI/bxNeA5/Cb24Op+4kgKgfMWfsX1+VOPS0H7RM3 53ODGBfEPy0Bytu448OiNOsEGI/EYL7UD95pvFT3hrdmya+kwXN5LeI2Y7O6f19F0WX4L4l+ 09k+KgS1wu+pMVYkGEI3akFzEr5ovwZwX/T57zFQf3NfMQ+8Pw29Yx5pDdlBvbe/14QcvNY5 aGo2M8d6zoRBogbAtb8FQ9GZIFA5LvZBsi9YpAFF+2Jd8p7lEmRKeHVh2DzJQjeyiXJdP4eK uskx/Q==
  • Delivered-to: mosquitto-dev@xxxxxxxxxxx
  • List-archive: <https://dev.eclipse.org/mailman/private/mosquitto-dev>
  • List-help: <mailto:mosquitto-dev-request@eclipse.org?subject=help>
  • List-subscribe: <https://dev.eclipse.org/mailman/listinfo/mosquitto-dev>, <mailto:mosquitto-dev-request@eclipse.org?subject=subscribe>
  • List-unsubscribe: <https://dev.eclipse.org/mailman/options/mosquitto-dev>, <mailto:mosquitto-dev-request@eclipse.org?subject=unsubscribe>
  • Openpgp: preference=signencrypt
  • User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.7.0

On 2018-05-03 19:36, Leandro wrote:
> Using a second listener means to run another mosquitto process and a new
> port ?

No, that would be a second local broker (using the right bridge
configuration that could probably also do it).

However, "listener" is a mosquitto mechanism and keyword supported in
the configuration file for specifying a network interface, port and
associated options for the broker to bind to and accept network traffic on.

The default listener is set using the "bind_address" and "port" keywords
but multiple additional listeners can also be defined.
This is all quite clear from the documentation, see section "Listeners";
https://mosquitto.org/man/mosquitto-conf-5.html#idm45426323622992.

Per default all listeners will share the same topic domain but doesn't
have to, see the 'mount_point' keyword.


That was your 2nd), for the 1st) I guess you could be using a "pattern"
substitution ACL without a substitution character (inspecting the source
code of the parser that seems to be allowed).
The "pattern" keyword apply to all users regardless of preceding "user"
keywords in the ACL file, refer to the documentation of the file format
in the paragraph for the "acl_file" keyword:
https://mosquitto.org/man/mosquitto-conf-5.html#idm45426323747280.

Regards,
-- 
Mikkel

Attachment: signature.asc
Description: OpenPGP digital signature


Back to the top